Polyshell
Polyshell — multi-shell terminal scripting and cross-shell compatibility resources for developers.
-
https://gist.github.com/JeroenBoersma/d5c33066d7b0a7c69736a3d0f67ac9b1
NGINX config to block the Polyshell upload exploit at the edge, denying API and media paths regardless of location rules. Includes allowlisting, Hypernode/Maxcluster setup steps, and commands to scan affected paths and logs.
07 Apr 2026
-
https://github.com/taurus-media/module-polyshell-fix
A Magento 2 module designed to address a potential security concern related to custom options. It ensures that custom option values are correctly validated before processing, preventing unauthorized 'file' type injections.
1324 Mar 2026
-
https://github.com/markshust/magento-polyshell-patch
Mitigates the PolyShell vulnerability (APSB25-94) — an unrestricted file upload in the Magento REST API that allows attackers to upload executable files via cart item custom option file uploads.
126324 Mar 2026
